The best ways to protect your organisation against Business Email Compromise scams

In the last post, we discussed the different types of BEC scams. Now we look at ways to protect against them.

  • Being aware of common BEC attack scenarios
    Awareness of the types of BEC scams is the first step in building a defence against them. By knowing what to look out for, your workforce will not fall for such scams.
  • Cybersecurity training
    Adequate cybersecurity training will help employees understand the risks and implications of these attacks and how to respond to them. Since BEC exploits human vulnerabilities, an effective training program should emphasize the role grooming plays in such attacks. Proper guidance in the use of IT controls can empower employees to make the best security decisions.
  • Using strong passwords and multi-factor authentication
    Businesses should have a policy requiring strong passwords and frequent password changes. Multi-factor authentication can be implemented through an authentication app. Employees should understand and follow best practices for passwords.
  • Implementing a multi-layered defence
    An effective BEC defence secures all channels that attackers exploit. These include corporate email, personal webmail, business partners’ email, cloud apps, your web domain, the web and users’ own behaviour. Also, robust email security, domain authentication, account protection, content inspection and user awareness must work together in a holistic fashion.

